Great people share their wisdom without asking for anything in return…

Menu

Apple EFI firmware not using the latest version of ME

You can now run software like EFIgy or my EFIver.py to see if you are using the latest EFI update from Apple, but that doesn’t necessarily mean that you are using the latest and greatest from Intel. Not for the following models:

This shows us a limitation of EFIgy and my very own EFIver.py script. One that I would like to address soon. Speaking of which, the latest beta (v3.2) now also runs with Python3 – required for Windows and Linux – but you’ll need PyObjc.

And while I don’t really know if this opens un-patched attack vectors, or if this is Apple’s fault (but Intel?) but I like to keep my Mac safe. As much as I can, and then something like this isn’t really helping me.

To be really safe you could always disable ME (or parts of it?), as e.g. the intelligence agencies do, by setting the NSA’s “reserve_hap” to 1: http://blog.ptsecurity.com/2017/08/disabling-intel-me.html … don’t know if macOS will boot with such a setup. But if this is possible, I’m thinking about doing this myself.